Hi there,
I have a general question concerning VLANs:
Is it possible to have more than one VLAN in one subnet? I remeber that I have learned to use one subnet per VLAN. ie. Vlan 10 192.168.0.0/24 VLAN 20 192.168.1.0/24 etc.
Now I workmade of mine told me that it should be possible to have more than one VLAN per subnet ie. VLAN 10 192.198.0.1 - 192.168.0.10/24 VLAN 20 192.168.0.11 - 192.168.0.20/24 etc.
It sounds like bullshit to me but just to make sure. Any thoughts about this.
Best...Andreas
In short, vlans and subnets need to go hand in hand. You need to remember that subnets can be anything from /0 to /32. In most DC and site architectures. you would use /22 - /30 for LAN subnets (4 - 1024 addresses) and /14 - /25 for summarization of an entire facility. That is not to say that you don't summarize to a /8 or to a /25 if you have a small retail footprint with only a few devices per location.
The reason I say this, is that in your example, the subnets go one for one with the vlans. Just because you have two or more vlans in
192.168.0.X, does not mean that you have multiple vlans in one subnet. In this case you are subnetting 192.168.0.x into smaller subnets and would make each of those a different vlan. They should generally match one to one, although in some cases you can do secondary interfaces to create smaller subnets within a single layer 2 broadcast domain.The short answer to your question is that you should generally have a
1:1 ratio of subnets to vlans, but it is absolutely OK to have small subnets if you know you will never need the additional address space. Why waste a complete /24 on a subnet that will only ever have 20 nodes? Instead, subnet to a /26 or /27 and save the address space.Not everything has to be a /24.....but it is nice when you vlan numbers can match your third octet....especially in a medium/large network.
Okay I understood your saying. But to make it clear to me one VLAN needs to be its own logical subnet with its own GW & Broadcast-address, right?
You cannot have one big subnet with different VLANs in it without subnetting the subnet before for the corresponding vlans, right?
Again; I cannot say 192.168.0.1 - 192.168.0.10 should be VLAN10 and
192.168.0.11 - 192.168.0.20 should be VLAN11 without subnet the original 192.168.0.0/24 net to smaller subnets with its corresponding subnetmask right?Thanks....Andy
qThe reason I say this, is that in your example, the subnets go one for qone with the vlans. Just because you have two or more vlans in q192.168.0.X, does not mean that you have multiple vlans in one qsubnet. In this case you are subnetting 192.168.0.x into smaller qsubnets and would make each of those a different vlan. They should qgenerally match one to one, although in some cases you can do qsecondary interfaces to create smaller subnets within a single layer 2 qbroadcast domain. q qThe short answer to your question is that you should generally have a q1:1 ratio of subnets to vlans, but it is absolutely OK to have small qsubnets if you know you will never need the additional address space. qWhy waste a complete /24 on a subnet that will only ever have 20 qnodes? Instead, subnet to a /26 or /27 and save the address space.
snipped-for-privacy@q30g2000vbn.googlegroups.com...
Yes that is correct. You cannot have multiple vlans in a single subnet since the separate broadcast domains would inhibit basic routing functionality. To do this, you would need to subnet the network and match each one of those to a vlan. You can however have multiple subnets in a single vlan via secondary interfaces, but this is a very rare requirement in my experience. Essentially the main vlan would match the whole network, and the secondary interfaces would allow you to subnet logically by assigning IP addresses with smaller masks than are actually on the main vlan interface. Hope that makes sense.
And by the way, you probably can do any of these things, just don't expect it to work at layer 3. I do know that you cannot assign overlapping addresses to two different SVIs. So by that definition, each vlan would need to have a separate address space, which you accomplish via subnetting your /24 in your example.
it depends what you are using VLANs to split up the network for.
But - in a hosting centre you might have a L2 type firewall between addresses in the same subnet.
i dont like that design, but it will work.
Think of it this way, a VLAN is a subnet, and a subnet is a VLAN.
Yes you **could** have more than one subnet assigned to a VLAN buy why? The entire point of a VLAN is so you don't need to do that in first place. The entire point of using a VLAN is so every subnet can have its own separate broadcast domain.
You **can** have the same subnet assigned to different subnets, but the reason you do this is so that you can use the same layer 3 address space, but the two VLANs could never talk to each other because they are logically separate enties because they can't be connected together with a layer 3 (routing) instance.
A subnet is a layer 3 addressing scheme, and a VLAN is a layer 2 broadcast domain which are always mapped in a one to one relationship. If you had two phyiscal router ports could you assign overlapping address space (or use the same address space) on both and expect the router to work? If you think it will, then don't understand the basics of routing.
I most definately do not think that. I mean the concept of routing as well as Vlans was quiet known to me. The reason to open this post was a confusing point of a workmate of mine who actually did not understand the basics.
Anyway I appreciate your thoughts and help!
Best....Andy
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.